Claims 



A method of providing access via a first network (30) to a service facilitated 
by a second network (90), said method comprising the steps of: 

a) using an authentication message to signal a service selection informa- 
tion via said first network to an authentication server means (50) of 
said second network (30); and 

b) using said service selection information to connect to services pro- 
vided over an access point indicated by said service selection informa- 
tion. 

A method according toclaim 1 , wherein said first network is a wireless local 
area network (30). 

A method according to any one of the preceding claims, wherein said sec- 
ond network is a cellular packet-switched network (70). 

A method according to claim 3, wherein said cellular packet-switched net- 
work is a GPRS network (70). 

A method according to any one of the preceding claims, wherein said 
authentication message is an EAP message. 

A method according to claim 5, wherein said EAP message is an EAP SIM 
or EAP AKA message. 

A method according to claim 5 or 6, wherein said authentication message is 
an EAP Challenge Response message. 

A method according to any one of the preceding claims, wherein said 
service selection information comprises at least one APN parameter. 

A method according to claim 8, wherein said at least one APN parameter 
comprises an APN, a username and a password. 

A method according to claim 7 or 8, wherein said APN parameter is en- 
crypted in said authentication message. 
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11. A method according to claim 9 or 10, wherein at least one of said APN pa- 
rameters is encrypted so that it can only be decrypted at the network de- 
fined by the APN) 

12. An authentication server device for providing an authentication mechanism, 
5 said authentication server (50) being arranged: 

a) to extract from a received authentication message a service selection 
information for selecting a service; and 

b) to use said service selection information for establishing a connection to 
services provided over an access point indicated by said service selec- 

10 tion information. 

13. An authentication server according to claim 12, wherein said authentication 
mechanism is based on an EAP protocol. 

14. An authentication server according to claim 13, wherein said received au- 
thentication message is an EAP Challenge Response message. 

15 15 An authentication server according to any one of claims 12 to 14, wherein 
said authentication server is a standalone WLAN authentication server (50). 

16. An authentication server according to any one of claims 12 to 14, wherein 
said authentication server is a GGSN. 

17. An authentication server device according to any one of claims 12 to 16, 
20 wherein said service selection information comprises at least one APN pa- 
rameter. 

18. An authentication server according to claim 17 , wherein said APN parame- 
ter is encrypted in said authentication message. 

19. An authentication server according to claim 17 or 18, wherein at least one 
25 of said APN parameters is decrypted in said authentication server. 

20. An authentication server according to claims 17 to 19 , wherein at least one 
of said APN parameter is forwarded by the authentication server to said ac- 
cess point in an encrypted manner. 



-11 - 



21 . A terminal device for providing access to a network service, said device be- 
ing arranged to set in an authentication message a service selection infor- 
mation for selecting said network service. 

22. A device according to claim 21 , wherein said authentication message is an 
5 EAP message. 

23. A device according to claim 22, wherein said EAP message is an EAP 
Challenge Response message. 

24. A device according to claim 23, wherein said EAP Challenge Response 
message is an EAP SIM or EAP AKA Challenge Response message. 

10 25. A device according to any one of claims 21 to 24, wherein said service se- 
lection information comprises at least one APN parameter. 

26. A device according to any one of claims 21 to 25, wherein said service is a 
GPRS service. 

27. A system for providing access from a first network (30) to a service of a 

15 second network (90), said system comprising a terminal device according to 

any one of claims 21 to 26, said terminal device (10) being connected to 
said first network (30), and an authentication server device (40) according 
to any one of claims 14 to 20, said authentication server being connected to 
said second network. 
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